Merge branch 'main' into fix-glossary-term-listing

bootstrap/sql/migrations/native/1.5.15/mysql/schemaChanges.sql

@@ -0,0 +1,5 @@
+-- Make domain policy and role non-system
+UPDATE policy_entity SET json = JSON_SET(json, '$.provider', 'user') where name = 'DomainOnlyAccessPolicy';
+UPDATE policy_entity SET json = JSON_SET(json, '$.allowDelete', true) where name = 'DomainOnlyAccessPolicy';
+UPDATE role_entity SET json = JSON_SET(json, '$.provider', 'user') where name = 'DomainOnlyAccessRole';
+UPDATE role_entity SET json = JSON_SET(json, '$.allowDelete', true) where name = 'DomainOnlyAccessRole';

bootstrap/sql/migrations/native/1.5.15/postgres/schemaChanges.sql

@@ -0,0 +1,5 @@
+-- Make domain policy and role non-system
+UPDATE policy_entity SET json = JSONB_SET(json::jsonb, '{provider}', '"user"', true) where name = 'DomainOnlyAccessPolicy';
+UPDATE policy_entity SET json = JSONB_SET(json::jsonb, '{allowDelete}', 'true', true) WHERE name = 'DomainOnlyAccessPolicy';
+UPDATE role_entity SET json = JSONB_SET(json::jsonb, '{provider}', '"user"', true) where name = 'DomainOnlyAccessRole';
+UPDATE role_entity SET json = JSONB_SET(json::jsonb, '{allowDelete}', 'true', true) WHERE name = 'DomainOnlyAccessRole';

conf/openmetadata.yaml

@@ -180,6 +180,7 @@ authenticationConfiguration:
   # This will only be valid when provider type specified is customOidc
   providerName: ${CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME:-""}
   publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[http://localhost:8585/api/v1/system/config/jwks]}
+  tokenValidationAlgorithm: ${AUTHENTICATION_TOKEN_VALIDATION_ALGORITHM:-"RS256"}
   authority: ${AUTHENTICATION_AUTHORITY:-https://accounts.google.com}
   clientId: ${AUTHENTICATION_CLIENT_ID:-""}
   callbackUrl: ${AUTHENTICATION_CALLBACK_URL:-""}

openmetadata-docs/content/v1.6.x/collate-menu.md

@@ -3,34 +3,23 @@ site_menu:
   - category: Home
     url: /
 
-  - category: Enable Security
-    url: /deployment
-  - category: Enable Security / Ldap Authentication
-    url: /deployment/security/ldap
-  - category: Enable Security / Auth0 SSO
-    url: /deployment/security/auth0
-  - category: Enable Security / Azure SSO
-    url: /deployment/security/azure
-  - category: Enable Security / Custom OIDC SSO
-    url: /deployment/security/custom-oidc
-  - category: Enable Security / OIDC SSO
-    url: /deployment/security/oidc
-  - category: Enable Security / Google SSO
-    url: /deployment/security/google
-  - category: Enable Security / Okta SSO
-    url: /deployment/security/okta
-  - category: Enable Security / Amazon Cognito SSO
-    url: /deployment/security/amazon-cognito
-  - category: Enable Security / One Login SSO
-    url: /deployment/security/one-login
-  - category: Enable Security / Keycloak SSO
-    url: /deployment/security/keycloak
-  - category: Enable Security / Saml
-    url: /deployment/security/saml
-  - category: Enable Security / Saml / AWS
-    url: /deployment/security/saml/aws
-  - category: Enable Security / Saml / Azure
-    url: /deployment/security/saml/azure
+  - category: Getting Started
+    url: /getting-started
+
+  - category: Getting Started / Day 1
+    url: /getting-started/day-1
+  - category: Getting Started / Day 1 / Hybrid SaaS
+    url: /getting-started/day-1/hybrid-saas
+  - category: Getting Started / Day 1 / Hybrid SaaS / Airflow
+    url: /getting-started/day-1/hybrid-saas/airflow
+  - category: Getting Started / Day 1 / Hybrid SaaS / MWAA
+    url: /getting-started/day-1/hybrid-saas/mwaa
+  - category: Getting Started / Day 1 / Hybrid SaaS / GCS Composer
+    url: /getting-started/day-1/hybrid-saas/gcs-composer
+  - category: Getting Started / Day 1 / Hybrid SaaS / GitHub Actions
+    url: /getting-started/day-1/hybrid-saas/github-actions
+  - category: Getting Started / Day 1 / Hybrid SaaS / Credentials
+    url: /getting-started/day-1/hybrid-saas/credentials
 
   - category: Connectors
     url: /connectors
@@ -794,24 +783,65 @@ site_menu:
     url: /how-to-guides/data-governance/domains-&-data-products/domains
   - category: How-to Guides / Data Governance / Domains & Data Product /  How to Use Data Products
     url: /how-to-guides/data-governance/domains-&-data-products/data-products
+  - category: How-to Guides / Data Governance / Workflows
+    url: /how-to-guides/data-governance/workflows
+  - category: How-to Guides / Data Governance / Workflows / Default Workflows
+    url: /how-to-guides/data-governance/workflows/default-workflows
+  - category: How-to Guides / Data Governance / Workflows / Default Workflows / Glossary Approval Workflow
+    url: /how-to-guides/data-governance/workflows/default-workflows/glossary-approval
+  - category: How-to Guides / Data Governance / Workflows / Default Workflows / Table Certification Workflow
+    url: /how-to-guides/data-governance/workflows/default-workflows/table-certification
+  - category: How-to Guides / Data Governance / Workflows / Default Workflows / Dashboard Certification Workflow
+    url: /how-to-guides/data-governance/workflows/default-workflows/dashboard-certification
+  - category: How-to Guides / Data Governance / Workflows / Elements
+    url: /how-to-guides/data-governance/workflows/elements
+  - category: How-to Guides / Data Governance / Workflows / Elements / Triggers
+    url: /how-to-guides/data-governance/workflows/elements/triggers
+  - category: How-to Guides / Data Governance / Workflows / Elements / Triggers / Event Based Entity Trigger
+    url: /how-to-guides/data-governance/workflows/elements/triggers/event-based-entity-trigger
+  - category: How-to Guides / Data Governance / Workflows / Elements / Triggers / Periodic Batch Entity Trigger
+    url: /how-to-guides/data-governance/workflows/elements/triggers/periodic-batch-entity-trigger
+  - category: How-to Guides / Data Governance / Workflows / Elements / Nodes
+    url: /how-to-guides/data-governance/workflows/elements/nodes
+  - category: How-to Guides / Data Governance / Workflows / Elements / Nodes / Check Entity Attributes
+    url: /how-to-guides/data-governance/workflows/elements/nodes/check-entity-attributes
+  - category: How-to Guides / Data Governance / Workflows / Elements / Nodes / Create User Task
+    url: /how-to-guides/data-governance/workflows/elements/nodes/create-user-task
+  - category: How-to Guides / Data Governance / Workflows / Elements / Nodes / Set Asset Certification
+    url: /how-to-guides/data-governance/workflows/elements/nodes/set-asset-certification
+  - category: How-to Guides / Data Governance / Workflows / Elements / Nodes / Set Glossary Term Status
+    url: /how-to-guides/data-governance/workflows/elements/nodes/set-glossary-term-status
+  - category: How-to Guides / Data Governance / Workflows / How to Edit a Workflow
+    url: /how-to-guides/data-governance/workflows/how-to-edit-workflow
 
-  - category: Getting Started
-    url: /getting-started
-
-  - category: Getting Started / Day 1
-    url: /getting-started/day-1
-  - category: Getting Started / Day 1 / Hybrid SaaS
-    url: /getting-started/day-1/hybrid-saas
-  - category: Getting Started / Day 1 / Hybrid SaaS / Airflow
-    url: /getting-started/day-1/hybrid-saas/airflow
-  - category: Getting Started / Day 1 / Hybrid SaaS / MWAA
-    url: /getting-started/day-1/hybrid-saas/mwaa
-  - category: Getting Started / Day 1 / Hybrid SaaS / GCS Composer
-    url: /getting-started/day-1/hybrid-saas/gcs-composer
-  - category: Getting Started / Day 1 / Hybrid SaaS / GitHub Actions
-    url: /getting-started/day-1/hybrid-saas/github-actions
-  - category: Getting Started / Day 1 / Hybrid SaaS / Credentials
-    url: /getting-started/day-1/hybrid-saas/credentials
+  - category: Enable Security
+    url: /deployment
+  - category: Enable Security / Ldap Authentication
+    url: /deployment/security/ldap
+  - category: Enable Security / Auth0 SSO
+    url: /deployment/security/auth0
+  - category: Enable Security / Azure SSO
+    url: /deployment/security/azure
+  - category: Enable Security / Custom OIDC SSO
+    url: /deployment/security/custom-oidc
+  - category: Enable Security / OIDC SSO
+    url: /deployment/security/oidc
+  - category: Enable Security / Google SSO
+    url: /deployment/security/google
+  - category: Enable Security / Okta SSO
+    url: /deployment/security/okta
+  - category: Enable Security / Amazon Cognito SSO
+    url: /deployment/security/amazon-cognito
+  - category: Enable Security / One Login SSO
+    url: /deployment/security/one-login
+  - category: Enable Security / Keycloak SSO
+    url: /deployment/security/keycloak
+  - category: Enable Security / Saml
+    url: /deployment/security/saml
+  - category: Enable Security / Saml / AWS
+    url: /deployment/security/saml/aws
+  - category: Enable Security / Saml / Azure
+    url: /deployment/security/saml/azure
 
   - category: Releases
     url: /releases

openmetadata-docs/content/v1.6.x/connectors/dashboard/powerbi-report-server/index.md

@@ -1,6 +1,6 @@
 ---
 title: Run the PowerBI Report Server Connector Externally
-slug: /connectors/dashboard/powerbireportserver/yaml
+slug: /connectors/dashboard/powerbireportserver
 ---
 
 {% connectorDetailsHeader

openmetadata-docs/content/v1.6.x/how-to-guides/data-governance/glossary/approval.md

@@ -13,16 +13,18 @@ Watch the video to learn more about **[Glossary Approval Workflow](https://www.y
 
 To automate the approval workflow, ensure that your Glossary has **Reviewers** assigned. If you glossary has reviewers assigned, the glossary approval workflow gets triggered when a **New Term** is added.
 
-- The new term will show up in the Glossary, but will be marked as **Draft**. 
+- The new term will show up in the Glossary, but will be marked as **Draft**.
+- This term will transition into the **In Review** status.
 - Only the assigned **Reviewers** can Approve or Reject the term.
 - A **Task** is assigned for the Reviewers.
 - The details of the glossary term can be viewed in the **Overview Tab**.
 - Users can discuss further about the term by **replying** on the task.
 - Other users can be pulled into the conversation using **@mentions**.
 - The approved terms will have the **Approved** label next to them.
 - Similarly, the rejected terms will be marked as **Rejected**.
+- If a **Rejected** or **Approved** term is updated, it will trigger the workflow again and it will get back to  **In Review**.
 
-{% note noteType="Warning" %} 
+{% note noteType="Warning" %}
 In case, the glossary **does not have any Reviewers** assigned, then the glossary terms will be **Approved** by default.
 {% /note noteType="Warning" %}
 {% /note %}
@@ -33,4 +35,4 @@ In case, the glossary **does not have any Reviewers** assigned, then the glossar
   icon="MdArrowForward"
   href="/how-to-guides/data-governance/glossary/styling"%}
   Associate glossary terms to data assets making it easier for data discovery
-{%/inlineCallout%}
+{%/inlineCallout%}

openmetadata-docs/content/v1.6.x/how-to-guides/data-governance/workflows/default-workflows/dashboard-certification.md

@@ -0,0 +1,44 @@
+---
+title: Governance Workflows - Dashboard Certification Workflow (Default)
+slug: /how-to-guides/data-governance/workflows/default-workflows/dashbaord-certification
+collate: true
+---
+
+# Governance Workflows - Dashboard Certification Workflow (Default)
+
+The **Dashboard Certification Workflow** is a periodic batch workflow designed to automatically manage the certification process for dashboards within Collate.
+It is triggered periodically based on the configured scheduled, it fetches the assets based on the filters and it certifies dashbaords based on their attributes.
+
+{% image src="/images/v1.6/how-to-guides/governance/workflows-table-certification" alt="dashbaord-certification" /%}
+
+## Workflow Elements
+
+- **Owners and Description are not Null nor Empty**
+This task checks where the dashbaord has an owner and a description
+
+If either attribute is missing or empty, the workflow moves to **Don't set certification**.
+Otherwise, the workflow moves to **Entity is Tier 1 or Tier 2**.
+
+- **Entity is Tier 1 or Tier 2**
+This task checks if the dashbaord is categorized under *Tier 1* or *Tier 2*.
+
+If the dashbaord is either *Tier 1* or *Tier 2*, the workflow moves to **Entity is Tier 1**.
+Otherwise, the workflow moves to **Set Bronze Certification**.
+
+- **Entity is Tier 1**
+This task checks if the dashbaord is specifically *Tier 1*.
+
+If the dashbaord is *Tier 1*, the workflow moves to **Set Gold Certification**.
+Otherwise, the workflow moves to **Set Silver Certification**.
+
+- **Set No Certification**
+Sets the dashbaord certification to *None*.
+
+- **Set Bronze Certification**
+Sets the dashbaord certification to *Bronze*.
+
+- **Set Silver Certification**
+Sets the dashbaord certification to *Silver*.
+
+- **Set Gold Certification**
+Sets the dashbaord certification to *Gold*.

openmetadata-docs/content/v1.6.x/how-to-guides/data-governance/workflows/default-workflows/glossary-approval.md

@@ -0,0 +1,44 @@
+---
+title: Governance Workflows - Glossary Approval Workflow (Default)
+slug: /how-to-guides/data-governance/workflows/default-workflows/glossary-approval
+collate: true
+---
+
+# Governance Workflows - Glossary Approval Workflow (Default)
+
+The **Glossary Approval Workflow** is designed to define the process of updating the status of Glossary Terms within Collate.
+It is triggered when a Glossary Term is created or updated and it ensures it undergoes a review process until it reaches the desired status.
+
+{% image src="/images/v1.6/how-to-guides/governance/workflows-glossary-approval" alt="glossary-approval" /%}
+
+## Workflow Elements
+
+- **Check if Glossary Term has Reviewers**
+This task checks whether the glossary term has any reviewers assigned.
+
+If no reviewers are found, the glossary term is directly marked as approved.
+If reviewers are found, the workflow moves to **Check if Glossary Term is Ready to be Reviewed**.
+
+- **Check if Glossary Term is Ready to be Reviewed**
+This task verifies if the glossary term is ready for review based on the presence of a description.
+
+If the glossary term is ready for review, the workflow moves to **Set Status to 'In Review'**.
+If the glossary term is not ready, the workflow moves to **Set Status to 'Draft'**.
+
+- **Set Status to 'In Review'**
+If the glossary term is ready, its status is set to "In Review".
+
+- **Set Status to 'Draft'**
+If the glossary term is not ready for review, its status is set to "Draft".
+
+- **Approval**
+A user approval task where reviewers approve or reject the glossary term.
+
+If the glossary term is *approved* by the reviewers, the workflow moves to **Set Status to 'Approved'**.
+If the glossary term is *rejected* by the reviewers, the workflow moves to  **Set Status to 'Rejected'**.
+
+- **Set Status to 'Approved'**
+If the glossary term is approved, its status is updated to "Approved".
+
+- **Set Status to 'Rejected'**
+If the glossary term is rejected, its status is updated to "Rejected".

openmetadata-docs/content/v1.6.x/how-to-guides/data-governance/workflows/default-workflows/index.md

@@ -0,0 +1,33 @@
+---
+title: Governance Workflows - Default Workflows
+slug: /how-to-guides/data-governance/workflows/default-workflows
+collate: true
+---
+
+# Governance Workflows - Default Workflows
+
+These workflows are a good starting point for different governance tasks. They should be used as they are or modified to suit your needs.
+
+{%inlineCalloutContainer%}
+ {%inlineCallout
+  color="violet-70"
+  bold="Glossary Approval Workflow"
+  icon="MdMenuBook"
+  href="/how-to-guides/data-governance/workflows/default-workflows/glossary-approval"%}
+  Define how the Glossary Approval Workflow should work.
+ {%/inlineCallout%}
+ {%inlineCallout
+  color="violet-70"
+  bold="Table Certification Workflow"
+  icon="MdMenuBook"
+  href="/how-to-guides/data-governance/workflows/default-workflows/table-certification"%}
+  Define how to classify your Table Asset with different Certification Levels to indicate data trustworthiness and quality.
+ {%/inlineCallout%}
+ {%inlineCallout
+  color="violet-70"
+  bold="Dashboard Certification Workflow"
+  icon="MdMenuBook"
+  href="/how-to-guides/data-governance/workflows/default-workflows/dashboard-certification"%}
+  Define how to classify your Dashboard Asset with different Certification Levels to indicate data trustworthiness and quality.
+ {%/inlineCallout%}
+{%/inlineCalloutContainer%}

openmetadata-docs/content/v1.6.x/how-to-guides/data-governance/workflows/default-workflows/table-certification.md

@@ -0,0 +1,44 @@
+---
+title: Governance Workflows - Table Certification Workflow (Default)
+slug: /how-to-guides/data-governance/workflows/default-workflows/table-certification
+collate: true
+---
+
+# Governance Workflows - Table Certification Workflow (Default)
+
+The **Table Certification Workflow** is a periodic batch workflow designed to automatically manage the certification process for tables within Collate.
+It is triggered periodically based on the configured scheduled, it fetches the assets based on the filters and it certifies tables based on their attributes.
+
+{% image src="/images/v1.6/how-to-guides/governance/workflows-table-certification" alt="table-certification" /%}
+
+## Workflow Elements
+
+- **Owners and Description are not Null nor Empty**
+This task checks where the table has an owner and a description
+
+If either attribute is missing or empty, the workflow moves to **Don't set certification**.
+Otherwise, the workflow moves to **Entity is Tier 1 or Tier 2**.
+
+- **Entity is Tier 1 or Tier 2**
+This task checks if the table is categorized under *Tier 1* or *Tier 2*.
+
+If the table is either *Tier 1* or *Tier 2*, the workflow moves to **Entity is Tier 1**.
+Otherwise, the workflow moves to **Set Bronze Certification**.
+
+- **Entity is Tier 1**
+This task checks if the table is specifically *Tier 1*.
+
+If the table is *Tier 1*, the workflow moves to **Set Gold Certification**.
+Otherwise, the workflow moves to **Set Silver Certification**.
+
+- **Set No Certification**
+Sets the table certification to *None*.
+
+- **Set Bronze Certification**
+Sets the table certification to *Bronze*.
+
+- **Set Silver Certification**
+Sets the table certification to *Silver*.
+
+- **Set Gold Certification**
+Sets the table certification to *Gold*.

openmetadata-docs/content/v1.6.x/how-to-guides/data-governance/workflows/elements/index.md

@@ -0,0 +1,24 @@
+---
+title: Governance Workflows - Elements
+slug: /how-to-guides/data-governance/workflows/elements
+collate: true
+---
+
+# Governance Workflows - Elements
+
+{%inlineCalloutContainer%}
+ {%inlineCallout
+  color="violet-70"
+  bold="Trigger"
+  icon="MdMenuBook"
+  href="/how-to-guides/data-governance/workflows/elements/triggers"%}
+  Defines what initiates a workflow (e.g., an event or a scheduled action)
+ {%/inlineCallout%}
+ {%inlineCallout
+  color="violet-70"
+  bold="Nodes"
+  icon="MdMenuBook"
+  href="/how-to-guides/data-governance/workflows/elements/nodes"%}
+  Represent the building blocks of a workflow. You can configure each node to specify conditions, actions or tasks.
+ {%/inlineCallout%}
+{%/inlineCalloutContainer%}